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- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
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2a)Q This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
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DETAILED ACTION 

The Request for Continued Examination has been accepted and entered. 

Response to Arguments 

Applicant's arguments with respect to claims 1, 2, and 4 have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 (JSC § 101 
35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

The claimed invention is directed to non-statutory subject matter. Claim 1 is a system 
that is completely comprised of functional descriptive material. Descriptive material can 
be characterized as either "functional descriptive material" or "nonfunctional descriptive 
material." In this context, "functional descriptive material" consists of data structures and 
computer programs which impart functionality when employed as a computer 
component. 

When functional descriptive material is recorded on some computer-readable medium, it 
becomes structurally and functionally interrelated to the medium and will be statutory in 
most cases since use of technology permits the function of the descriptive material to be 
realized. See MPEP 2106.01 
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Claim Rejections - 35 USC §103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 2, and 4 are rejected under 35 U.S.C, 103(a) as being unpatentable over 
Proust et al. (6,216,014 Bl) in view of Jennings, III (6,134,631 A) in view of Barkley 
US 6,202,066. 

As per claim 1 Proust et al. (6,216,014 Bl) teach a system of managing the security of 
data processing applications (see col. 3, lines 37-40 where a system of managing of 
applications by secure means is disclosed), comprising: 

Directory in which the data processing applications are stored (see col. 12, lines 46-67 
where directory files such as master file or root directory and sub-directories stores 
application files such as loyalty application, payment applications), said directories being 
organized in an n-level tree (see col. 12, lines 46-52 where the directories are structured as 
three level hierarchical structure, that is corresponds to Applicant's n-level tree structure 
as a hierarchical structure); and 

A number of security registers, which are selectively allocatable to any one of a plurality 
of said directories, each security register containing all rights or secrets which have been 



/ 
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granted under the directory to which it has been allocated (see col. 13, lines 36-55 which 
relates to fig.5 flowchart, step 57 disclose having reference secret and a message 
authentication mode which relate to the related file and under a directory as disclosed 
above in col. 12, lines 46-67; therefore rights that corresponds to message authentication 
mode that verify the access control policy to be used for the related file which itself 
relates to transmitted remote application; and on the other hand secrets such as reference 
secret related to corresponding file that itself relates to remote application; further col. 14, 
lines 6-9 and 28-47 disclose data storage holds a secret reference, a security scheme and 
authentication mode and their storage in the data storage and how the pointer points to 
the location of the storage; examiner considers location of the storage where the identifier 
points to as corresponding to the security register that holds the message that contains 
reference secret or rights) but do not disclose that security registers or particular location 
of the memory that corresponds to a security registers is allocated to and it is under a 
directory. However Jennings, III (6,134,631 A) teach an slave device that being treated as 
a hierarchical memory system that security registers or particular location of the memory 
that corresponds to a security registers is allocated to and it is under a directory (see col. 
3, lines 29-33 where it disclose memory systems is hierarchical able to retrieve files 
within a stored directory). It would have been obvious to one of ordinary skilled in the art 
at the time the invention was made to utilize Jennings, III (6,134,631 A) allocation of 
security register or a memory location under a single directory in Proust et al. (6,216,014 
Bl)'s hierarchical file management security system of processing applications in order to 
provide additional performance for demanding applications while adding little additional 
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hardware by utilizing the slave device as hierarchical memory system on which to 
retrieve and store files that are stored under a directory. 

Neither Proust or Jennings, III teach granting rights that are de-allocatable from said one 
directory and allocatable to another directory. 

Barkley teaches granting of rights that may be de-allocatable from one and allocatable to 
another at any time, where object access types that may be edited, assigned and removed 
from objects, (see col 7 lines 25-40, 50-55). 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to utilize Barkley' s allocation and de-allocation of rights with the directories of 
Proust in order to provide easy modification to the rights in said directories. 

As per claim 2 Proust et al. (6,216,014 Bl) teach a method of managing the security of 
data processing applications, comprising the steps of: 

selecting one of a plurality of directories that are organized in an n-level hierarchy (see 
col. 12, lines 46-52 where the directories are structured as three level hierarchical 
structure, that is corresponds to Applicant's n-level tree structure as a hierarchical 
structure); 

storing in an allocated security register rights granted under the directory to which said 
register has been allocated, according to given rules (see col. 13, lines 36-55 which relates 
to fig.5 flowchart, step 57 disclose having reference secret and a message authentication 
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mode which relate to the related file and under a directory as disclosed above in col. 12, 
lines 46-67; therefore rights that corresponds to message authentication mode that verify 
the access control policy to be used for the related file which itself relates to transmitted 
remote application are corresponding to given rules; and on the other hand secrets such as 
reference secret related to corresponding file that itself relates to remote application; 
further col 14, lines 6-9 and 28-47 disclose data storage holds a secret reference, a 
security scheme (given rule) and authentication mode (authentication rule) and their 
storage in the data storage and how the pointer points to the location of the storage; 
examiner considers location of the storage where the identifier points to as corresponding 
to the security register that holds the message that contains reference secret or rights), 
seeking the secrets presented in a directory in which a data processing applications is 
stored (see col. 12, lines 46-52 where the directories are structured as three level 
hierarchical structure, that is corresponds to Applicant's n-level tree structure as a 
hierarchical structure where examiner considers the root directory or master file directory 
represent the highest level directory or level 1 directory as a root directory where other 
subdirectories are under such directory; and see col. 12, lines 46-67 where directory files 
such as master file or root directory and sub-directories stores application files such as 
loyalty application, payment applications); and 

(c) verifying the knowledge of one or more rights at the level of the data processing 
application (see fig. 6-9 where knowledge of one or more rights such as security scheme 
of application or security attributes or secret reference or authorization mode is verified 
in relation with one another; col. 12, lines 58-61 where a right of access to Loyalty remote 
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applications is verified by verifying access condition "private") but do not disclose 
explicitly that security registers or particular location of the memory that corresponds to 
a security registers is allocated to and it is under a directory. 

However Jennings, III (6,134,631 A) teach an slave device that being treated as a 
hierarchical memory system that security registers or particular location of the memory 
that corresponds to a security registers is allocated to and it is under a single directory 
(see col. 3, lines 29-33 where it disclose memory systems is hierarchical able to retrieve 
files within a stored directory and therefore any retrieval of files from any location that 
corresponds to security register in the memory is under a directory). It would have been 
obvious to one of ordinary skilled in the art at the time the invention was made to utilize 
Jennings, III (6,134,631 A) allocation of security register or a memory location under a 
single directory in Proust et al. (6,216,014 Bl)'s hierarchical file management security 
system of processing applications in order to provide additional performance for 
demanding applications while adding little additional hardware by utilizing the slave 
device as hierarchical memory system on which to retrieve and store files that are stored 
under a directory. 

Proust et al. (6,216,014 Bl) in view of Jennings, III (6,134,631 A) however do not 
explicitly disclose de-allocation with respect to directories and their corresponding 
registers. 
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Barkley teaches granting of rights that may be de-allocatable from one and allocatable to 
another at any time, where object access types that may be edited, assigned and removed 
from objects, (see col 7 lines 25-40, 50-55). 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to utilize Barkley' s allocation and de-allocation of rights with the directories of 
Proust in order to provide easy modification to the rights in said directories. 

As per claim 4 Proust et al. (6,216,014 Bl) teach a method according to claim 2 wherein 
said seeking step is performed according to the following rule: verifying that the secret 
presented is known in the current directory (Ni) or in a directory at a higher level of the 
hierarchy (see col. 8, lines 1-24 where upon authentication of access value such as 
"private access" or "shared access" that corresponds to verification of a secret presented 
in a master file or file under master file where the master file corresponds to root 
directory and files under it corresponds to sub-directories access is permitted and 
therefore upon authentication secret known in a subdirectory or files under the master 
files that corresponds to directory Ni or its higher directory that corresponds to master file 
which itself corresponds to higher directory is verified). 

A llo wable Subject Matter 
Claims 3, and 5-7 are allowed over the prior art of record, as stating in the prior actions. 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher J. Brown whose telephone number is 
(571)272-3833. The examiner can normally be reached on 8:30-6:00. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571)272-38 1 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Christopher J. Brown 6/27/07 




